package cn.tedu._09security.base.config;

import cn.tedu._09security.service.UserDetailServiceImpl;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

/**
 * EnableWebSecurity:启用Spring Security安全验证;
 * WebSecurityConfigurerAdapter:Spring Security中自定义安全配置的基础类;
 * EnableGlobalMethodSecurity:激活鉴权检查的注解;
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * 创建Bean对象放到IoC容器中;
     */
    @Bean
    public UserDetailsService userDetailsService(){
        return new UserDetailServiceImpl();
    }

    /**
     * configure + 回车;
     * 重写configure方法,实现自定义相关配置;
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                //1.配置请求的规则;
                .authorizeRequests()
                    .antMatchers("/api/public/**").permitAll()
                    .anyRequest().authenticated()
                .and()

                //2.配置表单登录;
                .formLogin()
                    .defaultSuccessUrl("/index.html")
                    .permitAll()
                .and()

                //3.配置注销登录;
                .logout()
                    .permitAll();
    }
}






